* Drop source-compatibility with Debian 3.0:

- Remove support for building with GNOME 1. This allows simplification of our GNOME build-dependencies (see #460136). - Remove hacks to support the old PAM configuration scheme. - Remove compatibility for building without po-debconf. * Build-depend on libgtk2.0-dev rather than libgnomeui-dev. As far as I can see, the GTK2 version of ssh-askpass-gnome has never required libgnomeui-dev.
author: Colin Watson <cjwatson@debian.org> 2008-01-11 00:09:20 +0000
committer: Colin Watson <cjwatson@debian.org> 2008-01-11 00:09:20 +0000
commit: a508edc2333f9b001dabd65368067a8cc05d3faa (patch)
tree: 6dec8710161eb36a91affbc1f4170291d8ef57dd /debian/openssh-server.templates
parent: 7663ed6227ec01f2fc33e7adcb597201f006b62e (diff)
1 files changed, 64 insertions, 0 deletions
diff --git a/debian/openssh-server.templates b/debian/openssh-server.templates
new file mode 100644
index 000000000..2cc62f8f1
--- /dev/null
+++ b/debian/openssh-server.templates
@@ -0,0 +1,64 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# for an advice to debian-l10n-english@lists.debian.org
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+#
+Template: ssh/new_config
+Type: boolean
+Default: true
+_Description: Generate a new configuration file for OpenSSH?
+ This version of OpenSSH has a considerably changed configuration file from
+ the version shipped in Debian 'Potato', which you appear to be upgrading
+ from. This package can now generate a new configuration file
+ (/etc/ssh/sshd.config), which will work with the new server version, but
+ will not contain any customizations you made with the old version.
+ .
+ Please note that this new configuration file will set the value of
+ 'PermitRootLogin' to 'yes' (meaning that anyone knowing the root password
+ can ssh directly in as root). Please read the README.Debian file for
+ more details about this design choice.
+ .
+ It is strongly recommended that you choose to generate a new
+ configuration file now.
+Template: ssh/use_old_init_script
+Type: boolean
+Default: false
+_Description: Do you want to risk killing active SSH sessions?
+ The currently installed version of /etc/init.d/ssh is likely to kill
+ all running sshd instances. If you are doing this upgrade via an SSH
+ session, you're likely to be disconnected and leave the upgrade
+ procedure unfinished.
+ .
+ This can be fixed by manually adding "--pidfile /var/run/sshd.pid" to
+ the start-stop-daemon line in the stop section of the file.
+Template: ssh/encrypted_host_key_but_no_keygen
+Type: note
+_Description: New host key mandatory
+ The current host key, in /etc/ssh/ssh_host_key, is encrypted with the
+ IDEA algorithm. OpenSSH can not handle this host key file, and the
+ ssh-keygen utility from the old (non-free) SSH installation does not
+ appear to be available.
+ .
+ You need to manually generate a new host key.
+Template: ssh/disable_cr_auth
+Type: boolean
+Default: false
+_Description: Disable challenge-response authentication?
+ Password authentication appears to be disabled in the current OpenSSH
+ server configuration. In order to prevent users from logging in using
+ passwords (perhaps using only public key authentication instead) with
+ recent versions of OpenSSH, you must disable challenge-response
+ authentication, or else ensure that your PAM configuration does not allow
+ Unix password file authentication.
+ .
+ If you disable challenge-response authentication, then users will not be
+ able to log in using passwords. If you leave it enabled (the default
+ answer), then the 'PasswordAuthentication no' option will have no useful
+ effect unless you also adjust your PAM configuration in /etc/pam.d/ssh.
author	Colin Watson <cjwatson@debian.org>	2008-01-11 00:09:20 +0000
committer	Colin Watson <cjwatson@debian.org>	2008-01-11 00:09:20 +0000
commit	a508edc2333f9b001dabd65368067a8cc05d3faa (patch)
tree	6dec8710161eb36a91affbc1f4170291d8ef57dd /debian/openssh-server.templates
parent	7663ed6227ec01f2fc33e7adcb597201f006b62e (diff)

diff --git a/debian/openssh-server.templates b/debian/openssh-server.templates new file mode 100644 index 000000000..2cc62f8f1 --- /dev/null +++ b/debian/openssh-server.templates
@@ -0,0 +1,64 @@
	1	# These templates have been reviewed by the debian-l10n-english
	2	# team
	3	#
	4	# If modifications/additions/rewording are needed, please ask
	5	# for an advice to debian-l10n-english@lists.debian.org
	6	#
	7	# Even minor modifications require translation updates and such
	8	# changes should be coordinated with translators and reviewers.
	9	#
	10	Template: ssh/new_config
	11	Type: boolean
	12	Default: true
	13	_Description: Generate a new configuration file for OpenSSH?
	14	This version of OpenSSH has a considerably changed configuration file from
	15	the version shipped in Debian 'Potato', which you appear to be upgrading
	16	from. This package can now generate a new configuration file
	17	(/etc/ssh/sshd.config), which will work with the new server version, but
	18	will not contain any customizations you made with the old version.
	19	.
	20	Please note that this new configuration file will set the value of
	21	'PermitRootLogin' to 'yes' (meaning that anyone knowing the root password
	22	can ssh directly in as root). Please read the README.Debian file for
	23	more details about this design choice.
	24	.
	25	It is strongly recommended that you choose to generate a new
	26	configuration file now.
	27
	28	Template: ssh/use_old_init_script
	29	Type: boolean
	30	Default: false
	31	_Description: Do you want to risk killing active SSH sessions?
	32	The currently installed version of /etc/init.d/ssh is likely to kill
	33	all running sshd instances. If you are doing this upgrade via an SSH
	34	session, you're likely to be disconnected and leave the upgrade
	35	procedure unfinished.
	36	.
	37	This can be fixed by manually adding "--pidfile /var/run/sshd.pid" to
	38	the start-stop-daemon line in the stop section of the file.
	39
	40	Template: ssh/encrypted_host_key_but_no_keygen
	41	Type: note
	42	_Description: New host key mandatory
	43	The current host key, in /etc/ssh/ssh_host_key, is encrypted with the
	44	IDEA algorithm. OpenSSH can not handle this host key file, and the
	45	ssh-keygen utility from the old (non-free) SSH installation does not
	46	appear to be available.
	47	.
	48	You need to manually generate a new host key.
	49
	50	Template: ssh/disable_cr_auth
	51	Type: boolean
	52	Default: false
	53	_Description: Disable challenge-response authentication?
	54	Password authentication appears to be disabled in the current OpenSSH
	55	server configuration. In order to prevent users from logging in using
	56	passwords (perhaps using only public key authentication instead) with
	57	recent versions of OpenSSH, you must disable challenge-response
	58	authentication, or else ensure that your PAM configuration does not allow
	59	Unix password file authentication.
	60	.
	61	If you disable challenge-response authentication, then users will not be
	62	able to log in using passwords. If you leave it enabled (the default
	63	answer), then the 'PasswordAuthentication no' option will have no useful
	64	effect unless you also adjust your PAM configuration in /etc/pam.d/ssh.